PRZOOM - /newswire/ -
San Diego, CA, United States, 2008/01/28 - Utilizing real-time state-of-the-art filtering Intelligence, LogClarity 4.0 puts an end to the vicious cycle by solving the Log Retention Riddle - LogFidelity.com.
Log Fidelity Corporation today announced the availability of LogClarity 4.0 – the latest release of its Active Directory-focused event log management and forensics solution. LogClarity 4.0 brings automated “Intelligence” filtering to its arsenal with new unprecedented event correlation technology. Available today, the new release delivers complete real-time analysis of events as they are generated, utilizing years of research into the undocumented definitions of the cryptic Windows event logs. The LogClarity Design Framework (LCDF) bridges the gap between mindless “collect all” methods and the “bare-bones” nominal auditing measures that companies resort to when faced with log retention limits. LogClarity 4.0 allows organizations to enable unrestricted auditing to ensure all critical event details are collected without incurring additional ancillary hardware costs.
Windows is the most widely accepted operating system for businesses because of lower costs and ease of use. Unfortunately, the Windows auditing system is seriously flawed in comparison to all other types of system auditing. This is at the heart of why other log solutions fail miserably when they are tasked with collecting Windows logs for security, forensics and compliance purposes.
LogClarity 4.0 is a giant leap forward towards simplified translation of the cryptic Windows event logs into real understandable actions. LogClarity 4.0 encapsulates the finest detail of every user, group, computer, Organizational Unit, and Group Policy activity by being tightly integrated within Active Directory. This is absolutely necessary to provide an accurate foundation for true event log analysis on Windows. These technological advancements are only a portion of what sets LogClarity apart from the sea of other log collection tools.
Most logging solutions are focused and designed to monitor network activity as if the majority of risk is from outside the enterprise. Network monitoring and security is clearly valuable to accomplish and maintain; however, Log Fidelity feels it is equally necessary to provide detailed analysis and attention to what is going on inside the firewall. LogClarity 4.0 provides a balanced approach to enable organizations to monitor and secure critical assets from all types of threats from inside or outside the enterprise.
Group policies and audit policies can be the Achilles Heel of every Windows Domain. “Without tying in detailed monitoring of existing critical group/audit policy changes and new group/audit policies added to the enterprise, audit trails are in serious jeopardy of being incomplete and unusable,” says Johnathan McCray, Head of Product Management for Log Fidelity. Johnathan goes on to say, “LogClarity 4.0 provides powerful built-in security measures that other log management solutions leave to chance.”
New LogClarity 4.0 Features and Enhancements
• New Automatic Event Correlation
Finding security incidents through event logs is a tedious, time-consuming task even with central management of the event logs. LogClarity’s event correlation engine automatically finds associated actions, which reduces manual incident data mining tremendously. From Logins to File Access activity, LogClarity 4.0 streamlines this major stumbling block into instant results for forensic purposes.
• New UNIX/Linux, Network Device, Mainframe support
To achieve the goal of being Active Directory-focused while providing a wide range of log coverage, LogClarity 4.0 now supports event logs from an array of network devices, UNIX and mainframe systems. LogClarity 4.0 normalizes syslog events into an easy-to-understand format for simplified data mining. LogClarity’s monitoring, forensics features and reporting framework are all crucial pieces of the security and compliance landscape.
• New Dynamic On-Demand Reporting Facility
Reports need to be generated based on the needs of the individual who is running the report. LogClarity 4.0 On-Demand reporting allows any/all possible reports to be run with easily selectable items. The selectable items are dynamically generated based on the actual events that have been collected during the time period defined. Every report option that is available will retrieve log data that is specified. This capability offers guaranteed results and accurate report data on-demand.
• New Incident Response, Resolution and Reassignment Alerting
LogClarity 4.0 provides a solid approach to managing critical incidents with prioritizing, resolving, and reassignment features. LogClarity’s managed scope features allow defined areas of responsibility for users to handle their own incident response. However, security and administrative personnel have a variety of functions to serve within large enterprises. LogClarity 4.0 offers slick reassignment of alerts to other users so they can be handled efficiently and appropriately. Full notes and resolution status are stored for later review.
• Improved Application/System Level Monitoring
Real-time, 24/7 collecting, monitoring and management of application and system log events from across the enterprise can be simplified using LogClarity 4.0. Unusual system behavior including early detection of logic bombs or other threats can be determined instantly. LogClarity’s new easy-to-use alerting can be deployed to auto-detect security violations and malicious activity.
• Enhanced Compliance Reporting
A whole suite of Built-Reports that are designed specifically for all the key areas for each legislative standard is provided with simple-to-use selectable categories. Full support for SOX, HIPAA, FISMA, PCI, and others is available.